# Contributor: Jake Buchholz <tomalok@gmail.com>
# Maintainer: Jake Buchholz <tomalok@gmail.com>

pkgname=containerd

# NOTE: containerd's Makefile tries to get REVISION from git, but we're building from a tarball.
_commit=8fba4e9a7d01810a393d5d25a3621dc101981175
pkgver=1.3.7
pkgrel=0
pkgdesc="An open and reliable container runtime"
url="https://containerd.io"
arch="all !mips !mips64"
license="Apache-2.0"
depends="runc"
makedepends="btrfs-progs-dev go go-md2man libseccomp-dev"
subpackages="
	$pkgname-doc
	$pkgname-stress
	$pkgname-openrc:openrc:noarch
"
source="containerd-$pkgver.tar.gz::https://github.com/containerd/containerd/archive/v$pkgver.tar.gz
	containerd.confd
	containerd.initd
	make-buildmode-configurable.patch
	fix-mips64-stat-struct.patch"
builddir="$srcdir/src/github.com/containerd/containerd"

# secfixes:
#   1.3.3-r0:
#     - CVE-2019-19921
#     - CVE-2020-0601
#     - CVE-2020-7919
#     - CVE-2019-11253
#   1.3.1-r0:
#     - CVE-2019-17596
#   1.3.0-r0:
#     - CVE-2019-16884
#   1.2.9-r0:
#     - CVE-2019-9512
#     - CVE-2019-9514
#     - CVE-2019-9515
#   1.2.6-r0:
#     - CVE-2019-9946

prepare() {
	cd "$srcdir"
	export GOPATH="$PWD"
	mkdir -p $(dirname "$srcdir/src/github.com/containerd/containerd")
	ln -s "$PWD/$pkgname-$pkgver" "$builddir"
	cd "$builddir"

	default_prepare
}

build() {
	case "$CARCH" in
		mips64*) buildmode=exe;;
		*) buildmode=pie;;
	esac

	make VERSION="v$pkgver" REVISION="$_commit" BUILDMODE="$buildmode"
	make man
}

check() {
	./bin/containerd --version
}

package() {
	install -d "$pkgdir"/usr/bin/
	install -Dsm755 "$builddir"/bin/* "$pkgdir"/usr/bin/
	install -d "$pkgdir"/usr/share/man/man5/
	install -Dm644 "$builddir"/man/*.5 "$pkgdir"/usr/share/man/man5/
	install -d "$pkgdir"/usr/share/man/man8/
	install -Dm644 "$builddir"/man/*.8 "$pkgdir"/usr/share/man/man8/
	install -d "$pkgdir"/etc/containerd/
	"$pkgdir"/bin/containerd config default | sed "s|/opt/cni/bin|/usr/libexec/cni|g" > "$pkgdir"/etc/containerd/config.toml
}

openrc() {
	pkgdesc="OpenRC init scripts for standalone containerd"
	depends="$pkgname"

	install -Dm755 "$srcdir"/containerd.initd "$subpkgdir"/etc/init.d/containerd
	install -Dm644 "$srcdir"/containerd.confd "$subpkgdir"/etc/conf.d/containerd
}

stress() {
	pkgdesc="containerd-stress utility"
	amove usr/bin/containerd-stress
}

sha512sums="dab23d75b3c7cb5aa766f7424d0b1d2a3e316b926ad58426d062fb6d24a998df96ceb1d92bacceee93ff908ee22401e4bb7730cf9674c81766927858c106ba76  containerd-1.3.7.tar.gz
72ee9882c39f6be9060862f27eea805dc9405ae2a081a6ad5356d2c1534377f955099dc57f5dadcfdeb70d4a54ef21e7d5d230f1ef0197fa77c288ef91445ef0  containerd.confd
614c926bfbf424f94e3e56d9a483a04c36659f83cfbfbdb4538b561fb6be388b86e08f2ed7cd25e572098f7dda9ea1ed023883f3c4554b5739ad12e19b281983  containerd.initd
b38ce6d31bfba2e74413887237f5b8abb4fa06d36937d9a73a612a1be10a79927b7f6643f2dd10bee4361b9f5cf11e6349052ab24795ce7d176eae2add3e4d72  make-buildmode-configurable.patch
c591b18386dbf39aff358007bcc4704f8e668e93002c73fd61090f4c6bb5b52ccb84813e9f82136bf4de6531b1404ecea71a05a6af63ba96daa3b354e4a290ab  fix-mips64-stat-struct.patch"
